Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
1000
VMScore

CVE-2016-7182

Published: 14/10/2016 Updated: 12/10/2018
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Word Viewer

Vulnerability Summary

The Graphics component in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; and Live Meeting 2007 Console allows malicious users to execute arbitrary code via a crafted True Type font, aka "True Type Font Parsing Elevation of Privilege Vulnerability."

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft word viewer -

microsoft office 2010

microsoft windows 8.1

microsoft windows 7 -

microsoft live meeting 2007

microsoft office 2007

microsoft windows 10 1607

microsoft windows 10 1511

microsoft windows server 2008 r2

microsoft windows server 2008 -

microsoft lync 2013

microsoft skype for business 2016

microsoft windows server 2012 r2

microsoft windows server 2012 -

microsoft lync 2010

microsoft windows 10 -

microsoft windows rt 8.1 -

microsoft windows vista -

Exploits

Exploit DB: Microsoft Windows - 'win32k.sys' TTF Processing win32k!sbit_Embolden / win32k!ttfdCloseFontContext Use-After-Free (MS16-120)
Source: bugschromiumorg/p/project-zero/issues/detail?id=868 We have encountered Windows kernel crashes in the win32k!sbit_Embolden and win32k!ttfdCloseFontContext functions while processing corrupted TTF font files Excerpts of them are shown below: --- KERNEL_MODE_EXCEPTION_NOT_HANDLED (8e) This is a very common bugcheck Usually the ...

References

CWE-20http://www.securityfocus.com/bid/93395http://www.securitytracker.com/id/1036988https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-120https://nvd.nist.govhttps://www.exploit-db.com/exploits/40599/
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322administrator privilegesCVE-2024-1579hardcodedCVE-2023-20198CVE-2024-33587CVE-2024-33449CVE-2024-4308HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook